Vulnerabilities > Fedoraproject > Fedora > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-16 | CVE-2022-39320 | Out-of-bounds Read vulnerability in multiple products FreeRDP is a free remote desktop protocol library and clients. | 4.6 |
| 2022-11-16 | CVE-2022-39347 | Path Traversal vulnerability in multiple products FreeRDP is a free remote desktop protocol library and clients. | 5.7 |
| 2022-11-16 | CVE-2022-41877 | Improper Validation of Specified Quantity in Input vulnerability in multiple products FreeRDP is a free remote desktop protocol library and clients. | 4.6 |
| 2022-11-14 | CVE-2022-37290 | NULL Pointer Dereference vulnerability in multiple products GNOME Nautilus 42.2 allows a NULL pointer dereference and get_basename application crash via a pasted ZIP archive. | 5.5 |
| 2022-11-11 | CVE-2022-41854 | Out-of-bounds Write vulnerability in multiple products Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). | 6.5 |
| 2022-11-09 | CVE-2022-23824 | IBPB may not prevent return branch predictions from being specified by pre-IBPB branch targets leading to a potential information disclosure. | 5.5 |
| 2022-11-08 | CVE-2022-3821 | Off-by-one Error vulnerability in multiple products An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. | 5.5 |
| 2022-11-01 | CVE-2022-42799 | Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products The issue was addressed with improved UI handling. | 6.1 |
| 2022-11-01 | CVE-2022-42824 | A logic issue was addressed with improved state management. | 5.5 |
| 2022-11-01 | CVE-2022-42310 | Incomplete Cleanup vulnerability in multiple products Xenstore: Guests can create orphaned Xenstore nodes By creating multiple nodes inside a transaction resulting in an error, a malicious guest can create orphaned nodes in the Xenstore data base, as the cleanup after the error will not remove all nodes already created. | 5.5 |